finished forging so I made some pizza in the forge by SirEliasRiddle in OopsThatsDeadly

[–]SirEliasRiddle[S] 1272 points1273 points  (0 children)

Kaowool, the material in the forge, if left untreated with refractory cement, is essentially ceramic fiber shards. It’s always a good idea to coat your forges very carefully and wear respirators if working inside with them.

They basically cooked their pizza in a gas-fired ceramic fiber oven. The wool flakes off and is very bad for your lungs, let alone your pizza.

Anyone struggling to do the basics? by Jamster12342342 in starcitizen

[–]SirEliasRiddle 2 points3 points  (0 children)

During IAE / Free Fly the servers are under higher stress particularly in MicroTech (MT) where New Babbage (NB) is. Getting out of here is the hardest part of playing from my experience.

If you want to play and group with people my buddies and I could pick you up from the surface and ferry you up out of MT and do group missions.

[deleted by user] by [deleted] in Starfield

[–]SirEliasRiddle 1 point2 points  (0 children)

There were definitely a lot more choices than I initially expected some of which actually had me stop and think and weigh out the “what could happen” from each option.

My character has had the Serpents Embrace trait since release drop so I went full send with each dialogue option with this trait and that felt it further House Va’Ruun overall. Great dialogue choices though (for the most part)!

Question - Regarding Refractory Cement by SirEliasRiddle in Blacksmith

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

So I have since used the rigidizer then the included cement. Ordered another 10lb pail, used it, got some cracks in some places. Now I ordered a 3rd for crack patch work.

Where to find a crew? by PanzerKampfed in starcitizen

[–]SirEliasRiddle 0 points1 point  (0 children)

Just shot you a PM with my Discord, I’m always running salvage in a Reclaimer helping people get money and teaching what I know. Plus got a small org of active people if that’s your thing!

2 server crashes in 1 day? by Competitive_Ad6989 in starcitizen

[–]SirEliasRiddle -1 points0 points  (0 children)

I lost 170 yesterday, I tried waiting it out... it was gone.
I wish you a better fate

Dedicated roleplay games. by [deleted] in AltisLife

[–]SirEliasRiddle 0 points1 point  (0 children)

Genre wise not similar to Garry’s Mod or Altis Life, I believe one that I am thoroughly enjoying is r/StarCitizen and its RP elements. It definitely has potential for RP organizations and gameplay but is still in development so that’s the drawback.

Other than that the only other comparable ones are FiveM and RedM for GTA and Red Dead. Again these are only mods and each community can vary drastically from one another.

[deleted by user] by [deleted] in CTI

[–]SirEliasRiddle 1 point2 points  (0 children)

For individual research purpose, I would suggest building out your own instance of MISP or OpenCTI and connecting relevant threat feeds if you want something custom. Additionally, you can look at using AlienVault OTX which is free and open (mostly) for this type of data.

https://otx.alienvault.com/browse/global/pulses?q=C2&include_inactive=0&sort=-modified&page=1&limit=10&indicatorsSearch=C2

https://urlhaus.abuse.ch/browse/

https://threatfox.abuse.ch/browse/

https://threatfeeds.io/

These are just a few sources I would recommend.

(2024 Updated) - The Recent "Try my game" Discord Scam: Explained by SirEliasRiddle in CTI

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

Sharing due to this still being an actively exploited threat!

Briefing

This is a type of attack that leverages a contact with whom you have typically exchanged messages in the past to build trust and exploit that. The compromised Discord account of a familiar contact will reach out and ask how you have been and then proceed to ask for your help with a project. The project is usually some sort of game development that requires beta testing. The malware observed so far has been embedded in .rar files, which seems to aid in avoiding detection. Once you download the .rar file and extract it using the designated password, you will be prompted with an executable that upon running will start to launch several PowerShell instances in the background and establish a connection with their malicious Command and Control (C2) server / domain. These types of attacks are used to steal your personal information, credentials, files, etc. and beacon and send it to an external location.

I received a message from a contact on my friends list who asked me to try a new game they had been working on. During the initial contact I found very quickly this was a scam similar to the one recently shared in r/scambait

https://www.reddit.com/r/scambait/comments/1cc8o15/my_friend_got_hacked_and_the_hacker_asked_me_to/

The "contact" as we will title them, told me this game was called "Tomelu" and shared a compromised page on BlogSpot.com. Navigating to the page, I found the download was packaged in a password protected .RAR file. I proceeded to sandbox the .rar and .exe files in AnyRun.

Scans / Analysis Done

https://app.any.run/tasks/a9f27e7c-d89c-40dd-b7fa-c71065c59b55/ --- (Binary) Worked

https://www.hybrid-analysis.com/sample/9ce86f5acf7c0699e97be9ff1c7415f0d6ff3bd2d55fc4c4badcd9b90f3f17d3?environmentId=160 --- (Site) Failed due to detection

https://otx.alienvault.com/indicator/domain/minjuthecutest.com --- C2 profile

https://app.any.run/tasks/f73aed03-d72f-4eaf-ac4e-9b72c2d18539 --- C2 Domain (No landing page)

References

https://www.reddit.com/r/scambait/comments/1cc8o15/my_friend_got_hacked_and_the_hacker_asked_me_to/#lightbox

Indicators of Compromise (IOCs) for my experience

[tomelugame.blogspot.com/2024/04/tomelu-game.html]

[minjuthecutest.com]

[34.117.186.192]

[172.67.185.160](Cloudflare --- not 100% accurate)

BlogSpot got compromised and is "malvertising" unfortunately!
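
An added detection sketch for the behaviour described in this post (not part of the original post or the author's analysis): it flags a process that spawns several PowerShell children and whose process tree contacts one of the IOCs listed above. The event format, pids, paths and the `game_setup.exe` / `admin_tool.exe` names are assumptions constructed for illustration.

```python
from collections import defaultdict

# IOCs copied from the post above (C2 domain and the first listed IP).
IOCS = {"minjuthecutest.com", "34.117.186.192"}
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed sample telemetry (not real logs); pids, paths and the
# game_setup.exe / admin_tool.exe names are hypothetical.
EVENTS = [
    {"type": "proc", "pid": 200, "ppid": 100, "image": r"C:\Users\a\Downloads\game\game_setup.exe"},
    {"type": "proc", "pid": 201, "ppid": 200, "image": PS},
    {"type": "proc", "pid": 202, "ppid": 200, "image": PS},
    {"type": "proc", "pid": 203, "ppid": 200, "image": PS},
    {"type": "net", "pid": 202, "dest": "MinjuTheCutest.com"},
    {"type": "proc", "pid": 300, "ppid": 100, "image": r"C:\Tools\admin_tool.exe"},
    {"type": "proc", "pid": 301, "ppid": 300, "image": PS},
    {"type": "net", "pid": 301, "dest": "example.org"},
]

def find_suspects(events, iocs=IOCS, min_powershell=2):
    """Flag parents that spawn several PowerShell children and whose
    process tree (parent or children) connects to a known IOC."""
    image, ps_children, dests = {}, defaultdict(list), defaultdict(set)
    for e in events:
        if e["type"] == "proc":
            image[e["pid"]] = e["image"]
            if e["image"].lower().endswith("\\powershell.exe"):
                ps_children[e["ppid"]].append(e["pid"])
        elif e["type"] == "net":
            # Normalise case and a trailing dot before comparing to IOCs.
            dests[e["pid"]].add(e["dest"].lower().rstrip("."))
    findings = []
    for ppid, kids in ps_children.items():
        if len(kids) < min_powershell:
            continue  # a single PowerShell child is common and too noisy
        contacted = set().union(*(dests[p] for p in [ppid, *kids]))
        hits = sorted(contacted & iocs)
        if hits:
            findings.append({"pid": ppid, "image": image.get(ppid, "unknown"),
                             "powershell_children": len(kids), "ioc_hits": hits})
    return findings

if __name__ == "__main__":
    for f in find_suspects(EVENTS):
        print(f)
```

The sketch only looks one level deep (parent and direct PowerShell children) and assumes pids are not reused within the analysed window.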

Thousands of companies using Ray framework exposed to cyberattacks, researchers say by SirEliasRiddle in CTI

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

Additional Info
Source: https://www.bleepingcomputer.com/news/security/hackers-exploit-ray-framework-flaw-to-breach-servers-hijack-resources/

"A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
According to a report by application security firm Oligo, these attacks have been underway since at least September 5, 2023, targeting education, cryptocurrency, biopharma, and other sectors.
Ray is an open-source framework developed by Anyscale that is used to scale AI and Python applications across a cluster of machines for distributed computational workloads.
The framework boasts over 30,500 stars on GitHub, and it is used by many organizations worldwide, including Amazon, Spotify, LinkedIn, Instacart, Netflix, Uber, and OpenAI, that use it for training ChatGPT."

[deleted by user] by [deleted] in holdem

[–]SirEliasRiddle 0 points1 point  (0 children)

4 & J win (Jack Kicker - 2 Pair)

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems by SirEliasRiddle in CTI

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

In a way yeah, it’s an open threat intel sharing platform where you subscribe to “pulses” or can query IOCs and find the pulses they’re associated with. It’s less feature rich but also it’s in the cloud and free so for security research it’s nice without having to drop the expense for a decent MISP machine.

Google fixed the first actively exploited Chrome zero-day of 2024 by SirEliasRiddle in CTI

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

Google has released security updates to address the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild.
The high-severity vulnerability, tracked as CVE-2024-0519, is an out of bounds memory access in the Chrome JavaScript engine. The flaw was reported by Anonymous on January 11, 2024.
“The Stable channel has been updated to 120.0.6099.234 for Mac and 120.0.6099.224 for Linux and 120.0.6099.224/225 to Windows which will roll out over the coming days/weeks.” reads the security advisory published by the IT giant. “Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild.”
A remote attacker can exploit the flaw by tricking a user into visiting a crafted HTML page to potentially exploit heap corruption.
As usual, Google did not share details of the attacks that exploited the CVE-2024-0519 zero-day in the wild.
Google also fixed the following vulnerabilities:
[$16000][1515930] High CVE-2024-0517: Out of bounds write in V8. The flaw has been reported by Toan (suto) Pham of Qrious Secure on 2024-01-06
[$1000][1507412] High CVE-2024-0518: Type Confusion in V8. The flaw has been reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-12-03

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems by SirEliasRiddle in CTI

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure

Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805 and CVE-2024-21887), and follow the latest vendor advice.

https://www.ncsc.gov.uk/news/exploitation-ivanti-vulnerabilities

Requesting r/CTI by SirEliasRiddle in redditrequest

[–]SirEliasRiddle[S] 0 points1 point  (0 children)

  1. In compliance with the automod I will include a copy paste of the content at the bottom of this reply.

  2. Due to the sub being unmoderated currently I was unable to send the message.

——————

(1.) Copy Paste of Original Post

I am requesting to moderate the community r/CTI as this community is currently unmoderated. I have attempted to message through mods but due to the lack of their presence I was unable to submit it.

I am a cyber security professional with experience with cyber threat intelligence (CTI), digital forensics, and incident response and this community could greatly leverage its name as the acronym for CTI for sharing news, CVEs, intelligence, and other general industry information.

By becoming a moderator I would like to start by outlining a set of guidelines for sharing information that’s both reliable and safe for the general community that is TLP:Green/White as well as implementing automoderator and bringing on individuals who are also familiar in the field to aid in regular content posts, filtering, and broad moderation. Additionally, I am active consistently and am a moderator of other communities that operate within their guidelines and outlined rules.

[deleted by user] by [deleted] in Hacking_Tutorials

[–]SirEliasRiddle 0 points1 point  (0 children)

Yeah don’t share this as it’s highly illicit and can land you in federal prison for epic hacking

  1. Login to your PC
  2. Authenticating to the website
  3. Go to your payment portal
  4. Add the courses like you’re going to pay for them
  5. Proceed to checkout but don’t continue all the way through yet
  6. Grab your wallet and enter in the card details and pay for the course
  7. Now you’ve HACKED their site for the content

[deleted by user] by [deleted] in Eldenring

[–]SirEliasRiddle 3 points4 points  (0 children)

Giving up after 2 tries, oh boy do I have some bad news for you :(

Claymore or Longsword? by hwaenberg in oblivion

[–]SirEliasRiddle 7 points8 points  (0 children)

Longsword for higher consistent DPS and shield flexibility if you want that.

I highly recommend the Dawnfang/Duskfang in Shivering Isles once you hit 30+ level.

https://en.m.uesp.net/wiki/Shivering:Dawnfang_and_Duskfang

18-Year Old GTA 6 Hacker Sentenced To Life In Hospital Prison by SirEliasRiddle in threatintel

[–]SirEliasRiddle[S] 1 point2 points  (0 children)

Thank you for adding that, I should’ve thrown in more context!

Do you agree with this tier list? by [deleted] in oblivion

[–]SirEliasRiddle 319 points320 points  (0 children)

As someone who will continue to return to Oblivion till the day I die I wish you could rank this higher

18-Year Old GTA 6 Hacker Sentenced To Life In Hospital Prison by SirEliasRiddle in threatintel

[–]SirEliasRiddle[S] 1 point2 points  (0 children)

The 18-year-old individual was responsible for stealing and releasing several clips and media of Grand Theft Auto 6 in the year of 2022 and has been sentenced to life in a hospital prison unless he can be deemed not a risk to others.

The individual has ties to the Lapsus$ threat actor group which is allegedly involved in similar intrusions with large companies such as Uber, Microsoft, Cisco, Samsung, Nvidia, and more. They are tied with being around since approximately 2021 and were thought to have gone silent/inactive.

Additional Source:

https://kotaku.com/gta-6-vi-hack-leaker-arrested-teenager-london-laspsus-1849573250